search

hectcastro / docker-riak

A Docker project to bring up a local Riak cluster.
https://registry.hub.docker.com/u/hectcastro/riak/
Apache License 2.0
167 stars 83 forks source link

Read-only file system errors during image build on Docker 0.11.1 #13

Closed hectcastro closed 10 years ago

hectcastro commented 10 years ago

On Docker 0.11.0 and above, some sysctl related steps in the Dockerfile fail with a read-only file system error:

$ make build
docker build -t "hectcastro/riak" .
Uploading context 892.4 kB
Uploading context
Step 0 : FROM phusion/baseimage:0.9.9
Pulling repository phusion/baseimage
745d3ac92697: Download complete
511136ea3c5a: Download complete
6170bb7b0ad1: Download complete
9cd978db300e: Download complete
a6d44c263269: Download complete
13e42d0c2a51: Download complete
846e143f3fab: Download complete
10ebd1d649cb: Download complete
5db917407faa: Download complete
 ---> 745d3ac92697
Step 1 : MAINTAINER Hector Castro hector@basho.com
 ---> Running in 734c2e8d1465
 ---> f5e5d9646d4a
Removing intermediate container 734c2e8d1465
Step 2 : ENV DEBIAN_FRONTEND noninteractive
 ---> Running in 3b3320786e09
 ---> 2cb6ba3be28e
Removing intermediate container 3b3320786e09
Step 3 : ENV RIAK_VERSION 1.4.8
 ---> Running in 438bd4976a5a
 ---> 6271107b7db0
Removing intermediate container 438bd4976a5a
Step 4 : ENV RIAK_SHORT_VERSION 1.4
 ---> Running in 82bc122a22c1
 ---> 04cea8151e88
Removing intermediate container 82bc122a22c1
Step 5 : ADD http://s3.amazonaws.com/downloads.basho.com/riak/${RIAK_SHORT_VERSION}/${RIAK_VERSION}/ubuntu/precise/riak_${RIAK_VERSION}-1_amd64.deb /
 ---> 435d530e7e41
Removing intermediate container c2da170361dc
Step 6 : RUN (cd / && dpkg -i "riak_${RIAK_VERSION}-1_amd64.deb")
 ---> Running in 5efd67d2d4a0
Selecting previously unselected package riak.
(Reading database ... 12731 files and directories currently installed.)
Unpacking riak (from riak_1.4.8-1_amd64.deb) ...
Setting up riak (1.4.8-1) ...
Adding group `riak' (GID 105) ...
Done.
Adding system user `riak' (UID 103) ...
Adding new user `riak' (UID 103) with group `riak' ...
Not creating home directory `/var/lib/riak'.
Processing triggers for ureadahead ...
 ---> 79104c324bb6
Removing intermediate container 5efd67d2d4a0
Step 7 : RUN mkdir -p /etc/service/riak
 ---> Running in 9ec98048eac9
 ---> 23d480f20e56
Removing intermediate container 9ec98048eac9
Step 8 : ADD bin/riak.sh /etc/service/riak/run
 ---> 6be33e4bff83
Removing intermediate container 7fd0a06e5ddd
Step 9 : ADD bin/automatic_clustering.sh /etc/my_init.d/99_automatic_clustering.sh
 ---> 9890e5bd1845
Removing intermediate container bb9d94cbb48d
Step 10 : RUN sed -i.bak 's/127.0.0.1/0.0.0.0/' /etc/riak/app.config &&    sed -i.bak 's/{anti_entropy_concurrency, 2}/{anti_entropy_concurrency, 1}/' /etc/riak/app.config &&    sed -i.bak 's/{map_js_vm_count, 8 }/{map_js_vm_count, 0 }/' /etc/riak/app.config &&    sed -i.bak 's/{reduce_js_vm_count, 6 }/{reduce_js_vm_count, 0 }/' /etc/riak/app.config &&    sed -i.bak 's/{hook_js_vm_count, 2 }/{hook_js_vm_count, 0 }/' /etc/riak/app.config &&    sed -i.bak "s/##+zdbbl/+zdbbl/" /etc/riak/vm.args
 ---> Running in f3b130d124c2
 ---> b021e433fece
Removing intermediate container f3b130d124c2
Step 11 : RUN echo "vm.swappiness = 0" > /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_max_syn_backlog = 40000" >> /etc/sysctl.d/riak.conf &&    echo "net.core.somaxconn = 40000" >> /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_sack = 1" >> /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_window_scaling = 1" >> /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_fin_timeout = 15" >> /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_keepalive_intvl = 30" >> /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_moderate_rcvbuf = 1" >> /etc/sysctl.d/riak.conf &&    sysctl -e -p /etc/sysctl.d/riak.conf
 ---> Running in 11d999b30f83
error: "Read-only file system" setting key "vm.swappiness"
error: "Read-only file system" setting key "net.core.somaxconn"
2014/05/09 12:55:49 The command [/bin/sh -c echo "vm.swappiness = 0" > /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_max_syn_backlog = 40000" >> /etc/sysctl.d/riak.conf &&    echo "net.core.somaxconn = 40000" >> /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_sack = 1" >> /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_window_scaling = 1" >> /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_fin_timeout = 15" >> /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_keepalive_intvl = 30" >> /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.d/riak.conf &&    echo "net.ipv4.tcp_moderate_rcvbuf = 1" >> /etc/sysctl.d/riak.conf &&    sysctl -e -p /etc/sysctl.d/riak.conf] returned a non-zero code: 255
make: *** [build] Error 1

As of now, the errors appear to be isolated to setting vm.swappiness and net.core.somaxconn.

amattn commented 10 years ago

same error on my system:

Mac OS X 10.9.2 boot2docker 0.9.0 docker 0.11.1

hectcastro commented 10 years ago

Looks like we are not alone: https://groups.google.com/d/msg/docker-user/pN2hEj___Wc/OK4UQ8f0-TQJ

amattn commented 10 years ago

https://github.com/dotcloud/docker/issues/5703#issuecomment-42702024

According to creak, docker 0.11 and up restricts access to /proc and /sys for security reasons.

hectcastro commented 10 years ago

Resolved in 47f60f48d4f2d265ddf0ddf1e5723ee3f98e8d39.

Thanks for reporting this issue, @amattn.